There are 8 open security issues in buster.
1 important issue:
- CVE-2022-1515:
A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.
7 issues left for the package maintainer to handle:
- CVE-2019-13107:
(needs triaging)
Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c.
- CVE-2019-17533:
(needs triaging)
Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.
- CVE-2019-20017:
(needs triaging)
A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.
- CVE-2019-20018:
(needs triaging)
A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.
- CVE-2019-20019:
(needs triaging)
An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.
- CVE-2019-20020:
(needs triaging)
A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.
- CVE-2020-19497:
(needs triaging)
An integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17 allows attackers to cause a Denial of Service or possibly other unspecified impacts.
You can find information about how to handle these issues in the security team's documentation.